- All Exams Instant Download
Given this information, which of the following is the MOST likely path of exploitation to achieve root privileges on the machines?
After gaining initial low-privilege access to a Linux system, a penetration tester identifies an interesting binary in a user’s folder titled “changepass” -sr Cxr -x 1 root root 6443 Oct 18 2017 /home/user/changepass Using “strings” to print ASCII printable characters from changepass, the tester notes the following: $ strings changepass...
Which of the following commands would be BEST to return results?
A penetration tester, who is not on the client’s network. is using Nmap to scan the network for hosts that are in scope. The penetration tester is not receiving any response on the command: nmap 100.100/1/0-125 Which of the following commands would be BEST to return results?A . nmap -Pn...
Which of the following can be used in a pass-the-hash attack?
A file contains several hashes. Which of the following can be used in a pass-the-hash attack?A . NTLMv2B . KerberosC . NTLMv1D . LMv2E . NTLMView AnswerAnswer: B
Which of the following Medusa commands would potentially provide better results?
During an internal network penetration test the tester is able to compromise a Windows system and recover the NTLM hash for a local wrltsrnAdrain account Attempting to recover the plaintext password by cracking the hash has proved to be unsuccessful, and the tester has decided to try a pass-the-hash attack...
Which of the following methods is the correct way to validate the vulnerability?
A penetration tester wants to check manually if a “ghost” vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?A . Download the GHOST file to a Linux system and compilegcc -o GHOSTtest i:./GHOSTB . Download the GHOST file to a Windows...
When negotiating a penetration testing contract with a prospective client, which of the following disclaimers should be included in order to mitigate liability in case of a future breach of the client’s systems?
When negotiating a penetration testing contract with a prospective client, which of the following disclaimers should be included in order to mitigate liability in case of a future breach of the client’s systems?A . The proposed mitigations and remediations in the final report do not include a cost-benefit analysis.B ....
Before beginning to test the application, which of the following should the assessor request from the organization?
A security assessor is attempting to craft specialized XML files to test the security of the parsing functions during ingest into a Windows application. Before beginning to test the application, which of the following should the assessor request from the organization?A . Sample SOAP messagesB . The REST API documentationC...
Black box penetration testing strategy provides the tester with:
Black box penetration testing strategy provides the tester with:A . a target listB . a network diagramC . source codeD . privileged credentialsView AnswerAnswer: A Explanation: References: https://www.scnsoft.com/blog/fifty-shades-of-penetration-testing
Which of the following is the purpose of an NDA?
Which of the following is the purpose of an NDA?A . Outlines the terms of confidentiality between both partiesB . Outlines the boundaries of which systems are authorized for testingC . Outlines the requirements of technical testing that are allowedD . Outlines the detailed configuration of the networkView AnswerAnswer: A
Which of the following commands will allow a tester to enumerate potential unquoted services paths on a host?
Which of the following commands will allow a tester to enumerate potential unquoted services paths on a host?A . wmic environment get name, variablevalue, username / findstr /i “Path” | findstr /i “service”B . wmic service get /format:hform > c:tempservices.htmlC . wmic startup get caption, location, command | findstr /i...
